---
title: Introduction to Hacking - Countermeasures
show-content: 1
layout: console
---

I will now show you the countermeasures you should take to protect yourself
from all of the password-cracking attacks discussed in this section.

## Social Engineering

To protect yourself from social engineering attacks like the one discussed in
this chapter, you must learn to question the possible attacker. If you get a
phone call from someone and you think there is a chance that the person isn't
who he says he is, ask him some questions that he should be able to answer to
establish his legitimacy. Some professional social engineers study the company
before attacking, so they might know all the answers. That's why, if you still
have doubts, you should ask the head of whatever department the caller claims
to be from to find out if he is legit. Better safe than sorry.

## Shoulder Surfing

When you type in your password, make sure there is no one behind you attempting
to peek. Also, make sure you don't keep any sticky notes lying around that have
your password or password hints on them.

## Guessing

To prevent this attack from happening, never use a password like your birth
date, your mother's maiden name, your pet's name, your spouse's name or anything
else that someone may be able to guess.

## Dictionary attacks

Dictionary attacks are very simple to prevent. Don't use a password that is in
the dictionary. Some people may think that if they use a word from the
dictionary but replace most of the letters with numbers, then they are safe.
They are not. There are 1337 speak dictionaries out there too. 1337 speak
simply means changing a word like "_animal_" to "_4n1m41_". For a secure
password, I would recommend something like "youwonthackmehahalm4o!#@".

## Brute-force attacks

Brute-force attacks may be prevented by creating a very long password and using
many numbers and odd characters. The longer the password, the longer it takes
for the hacker to crack it. If after a few days the hacker hasn't been able to
crack your password through a brute-force attack, then he is very likely to
just give up. As I said in the dictionary attacks section, creating a phrase
for your password is your best option for staying secure.

## Rainbow tables

You can avoid rainbow table cracking by simply making your password extremely
long. Creating tables for long passwords takes a very long time and a lot of
resources. That is why there are not many of these tables available.

## Phishing

Phishing attacks are very simple to avoid. When you are asked to put your
personal information into a website, look at the URL bar. If, for example,
you are supposed to be on _gmail.com_ and the URL bar says something
completely different like _gmail.gerardo.com_ or _gamil.com_, then you know it
is a fake site.
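
The URL-bar check described above can be written down as code. This is an added example, not part of the original tutorial: the names `classify` and `edit_distance` are hypothetical, the site name is approximated by the last two labels of the hostname, and the distance threshold of 2 is an arbitrary choice.

```python
from urllib.parse import urlsplit

# Constructed sample: the hostnames mentioned in the text above.
SAMPLES = ["https://gmail.com/", "https://gmail.gerardo.com/", "https://gamil.com/"]


def edit_distance(a, b):
    """Edits needed to turn a into b: insert, delete, substitute or
    swap two adjacent characters (optimal string alignment)."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = a[i - 1] != b[j - 1]
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)  # adjacent swap
    return d[len(a)][len(b)]


def classify(url, expected="gmail.com"):
    """Compare the host in url with the site you meant to visit."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    if not host:
        return "no-host"
    # Exact match or a true subdomain. The leading dot matters: a plain
    # endswith("gmail.com") would also accept any name ending in those letters.
    if host == expected or host.endswith("." + expected):
        return "expected"
    labels = host.split(".")
    # The expected name used as a label under someone else's domain.
    if expected.split(".")[0] in labels:
        return "brand-as-subdomain"
    # Assumption: the last two labels name the site (wrong for e.g. .co.uk).
    if edit_distance(".".join(labels[-2:]), expected) <= 2:
        return "typo-lookalike"
    return "different-site"


if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", classify(sample))
```

The hostname is read from the right: only the rightmost labels identify who owns the site, which is why _gmail.gerardo.com_ belongs to _gerardo.com_ no matter what appears on the left.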

[Index](/blog/intro_hacking/index)
